[Mailman-Users] What would your dream Mailman web interface look like?
Peter Shute
pshute at nuw.org.au
Fri Apr 10 02:49:59 CEST 2015
Richard Damon wrote:
> > It would be helpful to me if it somehow allowed an iOS
> browser to stay logged in. I haven't found one that will -
> something to do with cookies expiring when the app is in the
> background, I think.
> >
> > Peter Shute
> >
> My understanding is this is a basic problem about using
> session cookies.
> In iOS, the browser "session" can end even without "closing"
> the browser, buy switching to another app, and the OS
> deciding it needs the memory from the browser so it unloads
> it, causing the cookies to disappear. Perhaps using a
> "long-lived" login cookie, but that has other security
> issues, and I am not positive that iOS browsers keep those
> either (and many more people have these disabled by default).
I can stay logged in for months on some other web sites, so it can be done. I guess it's just a matter of how adopting the same methods would affect security.
What I would normally do in cases like this is save the password in the browser, but for some reason Safari and other browsers don't offer that option for mailman logins - maybe something to do with the form only asking for a password, and not a username? If getting the login to survive going into the background isn't appropriate then doing whatever it takes to make the browser realise it's a login page would be a good second best.
That said, I haven't tested how long a Safari login will survive for a while now. Maybe the latest iOS does better.
Peter Shute
More information about the Mailman-Users
mailing list